<?php

// Include the different user types so we can filter out unauthorized users
include("include/dbUserTypes.php");

// Include our user class
include_once("include/user.php");

// Create a variable to store our user if we're validated
$user = null;

// Check if we're in a valid session. If not, go back to main login page.
if( !isset($_SESSION['user']) || $_SESSION['user'] == null ) {
    header("location:main_login.php");
}
else {
    // Unserialize our user to turn it back into a useful object
    $user = unserialize($_SESSION['user']);
}

// If we're not an financial user go back to the user redirection page and log this event.
if( $user->getUserType() != $USERTYPE_FINANCIAL ) {
    echo "Unauthorized access. This event has been logged.";
    header("location:login_success.php");
}
else
{
    // Connect to our database
    include("include/dbconnection.php");
    
    // Select all users that have a last connected time of 0 (UNIX epoch)
    // 0 is used since it would never be set as such in the user creation script
    $db_query = "SELECT 
    h.$TABLE_HOME_HOMEID, h.$TABLE_HOMES_PRICE, 
    u.$TABLE_USERS_USERID
    FROM  $TABLE_HOME h, $TABLE_USERS u
   WHERE u.$TABLE_USERS_USERID = h.$TABLE_HOME_SOLDTO 
    AND h.$TABLE_HOME_SOLDTO > 0 AND h.$TABLE_HOME_PRICE > 0";//GET HOMES WHICH SOLDTO GREATER THAN 0 IS JUST PRECAUTION, //NO USERS SHOUDL HAVE ID 0
   //and price not set to 0 which would mean already transacted
    $resultSet = mysql_query($db_query);

    // If we didn't get results, output simple message.
    // Otherwise show the new users.
    if(mysql_num_rows($resultSet) == 0)
        echo "No new registrations have taken place.";
    else
    {
        // Permit activation
        $_SESSION['activation'] = 1;
        ?>
        <table>
            <tr style="background: #FFFFFF; color: #74653D;">
                <th>Home ID</th>
                <th>Home price</th>
                <th>User ID</th>
                <th>Make Transaction</th>
            </tr>
        <?php
        // Show all the users and add an activation link.
        while( $row = mysql_fetch_array($resultSet) ) {
            ?>
            <tr>
                <td><?php echo $row[$TABLE_HOME_HOMEID]?></td>
                <td><?php echo $row[$TABLE_HOME_PRICE]?></td>
                <td><?php echo $row[$TABLE_USERS_USERID]?></td>
                <td>
                    <form name="activateForm_12 id = <?php echo $row[$TABLE_HOME_HOMEID]?>" method="post" action="include/sellhouse.php">
                        <input name="homeID" type="hidden" value="<?php echo sha1($row[$TABLE_HOME_HOMEID].$row[$TABLE_HOME_HOMEID])?>"/>
                        <input name="id" type="hidden" value="<?php echo $row[$TABLE_HOME_PRICE]?>"/>
                        <input name="userID" type="hidden" 
 value="<?php echo $row[$TABLE_USERS_USERID]?>"/>                          </form>
                        <a href="sellhouse.php">Make Transaction</a>                 
                </td>
            </tr>          
            <?php
        } // End while loop ?>
        </table>
    <?php
    } // End else statement
    
    // Close the connection
    mysql_close();
    
    
    
}


